TNW Sites

Over the years, multiple studies have found that Google Chrome’s V8 JavaScript engine was returning not-so-random numbers when you called the Math.random() function.

Today that’s been fixed, with the release of Chrome 49, which will be available soon. Math.random() is the most frequently used way to generate randomness in Javascript, which is an important component of many web applications.

The study had previously found that the randomness wasn’t really random at all, eventually falling into patterns given enough time.

To fix the bug Google needed to switch to a new pseudo-random number generator called xorshift128+ which fixes the not-quite-random problem found in the older MWC1616 algorithm.

xorshift128+ results in random numbers that are actually random and offers significant performance improvements, however is not cryptographically secure, so shouldn’t be used to create GUIDs or other secure hashes.

Google says it was happy to fix the problem and is encouraging anyone who spots an abnormality, big or small, to file issues on its bug tracker in the future.